<?php
	//引入配置文件和数据操作函数
	require '../../public/config.php';
	require '../../public/mysql.php';
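	// Dispatcher for the user-management actions (add, edit, setRules, del, pass,
	// deladd), selected by the "a" query parameter. Every value read from
	// $_GET/$_POST is attacker-controlled and is validated or escaped before it
	// reaches an SQL string.
	//
	// NOTE(review): only 'del' and 'deladd' look at the session. 'add', 'edit',
	// 'setRules' and 'pass' have no visible login or permission check, and
	// 'setRules', 'del' and 'deladd' change state on a plain GET with no CSRF
	// token. Confirm config.php enforces authentication; otherwise add it here.

	// An absent or array-valued "a" selects no case below.
	$action = (isset($_GET['a']) && is_string($_GET['a'])) ? $_GET['a'] : '';

	// Returns a request field as a string; missing or array-valued fields become ''
	// so the validators and SQL builders never receive a non-string.
	$field = function ($source, $key) {
		return (isset($source[$key]) && is_string($source[$key])) ? $source[$key] : '';
	};

	// Returns the field as an int when it is a well-formed integer, otherwise null.
	// Row ids were previously spliced into "where id = $id" unquoted.
	$intField = function ($source, $key) use ($field) {
		$parsed = filter_var($field($source, $key), FILTER_VALIDATE_INT);
		return ($parsed === false) ? null : $parsed;
	};

	// Quotes a value as an SQL string literal with the escaping routine of the
	// driver behind the connection handle.
	// NOTE(review): excute() takes a finished SQL string, so escaping is the most
	// this script can do; switching excute() to prepared statements is the proper
	// fix. The addslashes() fallback only covers a handle type this code does not
	// recognise and is not safe with multi-byte connection charsets.
	$quote = function ($handle, $value) {
		$value = (string) $value;
		if ($handle instanceof mysqli) {
			return "'" . mysqli_real_escape_string($handle, $value) . "'";
		}
		if ($handle instanceof PDO) {
			$quoted = $handle->quote($value);
			if ($quoted !== false) {
				return $quoted;
			}
		}
		if (is_resource($handle) && function_exists('mysql_real_escape_string')) {
			return "'" . mysql_real_escape_string($value, $handle) . "'";
		}
		return "'" . addslashes($value) . "'";
	};

	// Opens the database connection and returns the handle, or null on failure.
	// A truthy 'error' key means success here, going by how the result checks in
	// this script use it; 'mess' then carries the handle passed to excute().
	$open = function () {
		$link = connect();
		return (is_array($link) && !empty($link['error'])) ? $link['mess'] : null;
	};

	// Emits the alert-and-redirect snippet. Both arguments must be literals from
	// this script: they are written into the page without HTML/JS escaping.
	$alertAndGo = function ($message, $target) {
		echo "<script>alert('{$message}');location.href='{$target}'</script>";
	};

	// Validates the profile fields shared by 'add' and 'edit'; returns the alert
	// text for the first failing field, or null when all pass. The D modifier
	// stops "$" from accepting a trailing newline in the e-mail and phone values.
	$profileProblem = function ($username, $email, $phone) {
		if (!preg_match('/\S+/', $username)) {
			return '没写用户名！';
		}
		if (!preg_match('/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/D', $email)) {
			return '邮箱不对！';
		}
		if (!preg_match('/^1(3|4|5|7|8)\d{9}$/D', $phone)) {
			return '手机号不对！';
		}
		return null;
	};

	// True only when the session holds an admin whose role is exactly 0, the
	// top-privilege role according to the denial message below. The previous
	// loose "== 0" test also passed when no admin was logged in (null == 0).
	$isTopAdmin = function () {
		if (session_status() === PHP_SESSION_NONE) {
			session_start();
		}
		if (!isset($_SESSION['admin']['role'])) {
			return false;
		}
		$role = $_SESSION['admin']['role'];
		return $role === 0 || $role === '0';
	};

	// Shared body of 'del' and 'deladd': deletes one row by id for a top-level
	// admin, then returns to the list page. $table and $listPage are literals.
	$deleteRow = function ($table, $listPage) use ($isTopAdmin, $intField, $open, $alertAndGo) {
		if (!$isTopAdmin()) {
			$alertAndGo('无权限删除用户，请获取最高权限', './' . $listPage);
			return;
		}
		$id = $intField($_GET, 'id');
		$db = ($id === null) ? null : $open();
		if ($db !== null) {
			excute($db, sprintf('delete from %s where id=%d', $table, $id));
		}
		// As before, the redirect happens whether or not a row was deleted.
		header('location:./' . $listPage);
	};

	switch ($action) {
		case 'add':
			$username = $field($_POST, 'username');
			$sex = $field($_POST, 'sex');
			$phone = $field($_POST, 'phone');
			$email = $field($_POST, 'email');
			$role = $field($_POST, 'role');

			$problem = $profileProblem($username, $email, $phone);
			if ($problem !== null) {
				$alertAndGo($problem, './userAdd.php');
				die();
			}

			$created = false;
			$db = $open();
			if ($db !== null) {
				// NOTE(review): every new account gets the fixed password '123456',
				// stored in clear text. Moving to password_hash() has to be done
				// together with the login code, which is not part of this file.
				// NOTE(review): sex and role are escaped but not checked against the
				// set of allowed values, which is not visible here.
				$sql = sprintf(
					"insert into user(username,pass,sex,phone,email,role,rules,addtime) value(%s,'123456',%s,%s,%s,%s, 0, '%d')",
					$quote($db, $username),
					$quote($db, $sex),
					$quote($db, $phone),
					$quote($db, $email),
					$quote($db, $role),
					time()
				);
				$result = excute($db, $sql);
				$created = !empty($result['error']);
			}

			if ($created) {
				$alertAndGo('添加成功', '../index.php');
			} else {
				$alertAndGo('添加失败', './userAdd.php');
			}
			die();

		case 'edit':
			$id = $intField($_POST, 'id');
			$username = $field($_POST, 'username');
			$sex = $field($_POST, 'sex');
			$phone = $field($_POST, 'phone');
			$email = $field($_POST, 'email');
			$role = $field($_POST, 'role');

			$problem = $profileProblem($username, $email, $phone);
			if ($problem !== null) {
				$alertAndGo($problem, './userList.php');
				die();
			}

			$updated = false;
			// A malformed id takes the same failure path a broken statement used to.
			$db = ($id === null) ? null : $open();
			if ($db !== null) {
				// NOTE(review): this statement also resets the password to 123456,
				// rules to 0 and addtime to a constant on every profile edit. Kept
				// as found; confirm that is intended, because it silently returns
				// the account to a well-known password.
				$sql = sprintf(
					'update user set username=%s,pass=123456,sex=%s,phone=%s,email=%s,role=%s, rules=0, addtime=111122111  where id = %d',
					$quote($db, $username),
					$quote($db, $sex),
					$quote($db, $phone),
					$quote($db, $email),
					$quote($db, $role),
					$id
				);
				$result = excute($db, $sql);
				$updated = !empty($result['error']);
			}

			if ($updated) {
				$alertAndGo('修改成功', './userList.php');
			} else {
				$alertAndGo('修改失败', './userEdit.php');
			}
			die();

		// Change a user's permission value.
		case 'setRules':
			$id = $intField($_GET, 'id');
			$rules = $field($_GET, 'rules');

			$changed = false;
			$db = ($id === null) ? null : $open();
			if ($db !== null) {
				// The statement is no longer echoed: that leaked the query to the
				// client and sent output before the header() redirect below.
				$sql = sprintf('update user set rules=%s where id = %d', $quote($db, $rules), $id);
				$result = excute($db, $sql);
				$changed = !empty($result['error']);
			}

			if (!$changed) {
				die('操作失败');
			}
			header('location:./userList.php');
			exit;

		case 'del':
			$deleteRow('user', 'userList.php');
			break;

		case 'pass':
			$id = $intField($_POST, 'id');
			$username = $field($_POST, 'username');
			$pass = $field($_POST, 'pass');

			$saved = false;
			$db = ($id === null) ? null : $open();
			if ($db !== null) {
				// NOTE(review): the password is stored exactly as submitted (clear
				// text), and nothing ties $id to the logged-in account, so any
				// caller can set any user's password. Both need fixing together
				// with the login code, which is not part of this file.
				$sql = sprintf(
					'update user set username=%s,pass=%s where id = %d',
					$quote($db, $username),
					$quote($db, $pass),
					$id
				);
				$result = excute($db, $sql);
				$saved = !empty($result['error']);
			}

			if ($saved) {
				$alertAndGo('修改成功', './userList.php');
				die();
			}
			// Connection or update failure: $result is no longer read undefined.
			header('location:./userEdit.php');
			exit;

		case 'deladd':
			$deleteRow('vip', 'addList.php');
			break;
	}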
?>